ID de Prueba:	1.3.6.1.4.1.25623.1.0.900046
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office Remote Code Execution Vulnerabilities (955047)
Resumen:	This host is missing critical security update according to; Microsoft Bulletin MS08-055.
Descripción:	Summary: This host is missing critical security update according to Microsoft Bulletin MS08-055. Vulnerability Insight: The issue is due to an error in the parsing of a URI using the onenote:// protocol handler. Vulnerability Impact: Remote attackers could be able to execute arbitrary code via a specially crafted OneNote URI referencing a specially crafted One Note file. Affected Software/OS: Microsoft Office XP/2003/2007. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3007 BugTraq ID: 31067 http://www.securityfocus.com/bid/31067 Bugtraq: 20080909 Insomnia : ISVA-080910.1 - MS Office OneNote URL Handling Vulnerability (Google Search) http://www.securityfocus.com/archive/1/496178/100/0/threaded Cert/CC Advisory: TA08-253A http://www.us-cert.gov/cas/techalerts/TA08-253A.html HPdes Security Advisory: HPSBST02372 http://marc.info/?l=bugtraq&m=122235754013992&w=2 HPdes Security Advisory: SSRT080133 http://www.insomniasec.com/advisories/ISVA-080910.1.htm Microsoft Security Bulletin: MS08-055 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5970 http://www.securitytracker.com/id?1020833 http://www.vupen.com/english/advisories/2008/2523
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.